Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/QqkudKunMUKBthjTbfxH6DvLTeo.roa
File: QqkudKunMUKBthjTbfxH6DvLTeo.roa (raw, json)
Hash identifier: f0YNgsRujKdG0pFUSU1Y3CVAMiNy2Rlk/0FRlMcC0PU=
Subject key identifier: 42:A9:2E:74:AB:A7:31:42:81:B6:18:D3:6D:FC:47:E8:3B:CB:4D:EA
Certificate issuer: /CN=b9e6c41a2b04fcd8f8e95718fa7d2e12cc44ac1f
Certificate serial: 018CC94E63B1A7661D7BBD6670778C38BF83
Authority key identifier: B9:E6:C4:1A:2B:04:FC:D8:F8:E9:57:18:FA:7D:2E:12:CC:44:AC:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uebEGisE_Nj46VcY-n0uEsxErB8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/QqkudKunMUKBthjTbfxH6DvLTeo.roa
Signing time: Tue 02 Jan 2024 08:33:26 +0000
ROA not before: Tue 02 Jan 2024 08:33:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 2a12:de43::/32 maxlen: 32
Validation: Failed, certificate revoked on Tue 14 May 2024 17:46:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:63:b1:a7:66:1d:7b:bd:66:70:77:8c:38:bf:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9e6c41a2b04fcd8f8e95718fa7d2e12cc44ac1f
Validity
Not Before: Jan 2 08:33:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=42a92e74aba7314281b618d36dfc47e83bcb4dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:ef:ba:51:6a:67:66:3a:3b:3a:35:b1:67:fd:
85:0e:d1:f7:9e:c0:8c:fe:20:8b:36:52:b7:d5:63:
3d:61:ac:74:e5:07:f5:ff:8e:08:5b:d6:59:c3:72:
af:14:b3:b3:69:23:b9:b9:84:9b:47:34:ce:a4:29:
70:d8:75:fe:b2:25:ab:6b:8b:a6:88:d6:96:1f:b1:
22:f2:f7:31:36:7f:25:af:a4:2d:17:7e:b6:65:72:
a3:bd:93:34:4a:7e:0b:1b:fb:a7:fa:6a:b6:9d:07:
df:53:9c:cd:b4:ad:06:0e:78:8d:10:90:74:ef:a9:
c4:40:97:10:80:39:81:84:3c:df:77:0d:2c:4e:8b:
7a:f9:dc:69:5f:ca:60:89:b0:e3:ed:00:bf:7c:5c:
b9:e3:cb:5f:69:bb:3f:ed:b8:32:cc:02:f0:da:a0:
22:ef:c3:8a:18:68:73:6f:eb:bf:1f:e3:1a:74:a7:
4b:1e:b8:5a:69:5e:69:72:b2:48:05:fb:79:a2:14:
3f:17:e2:e4:b0:be:e2:bc:9f:5a:c5:f9:59:be:38:
78:d5:b8:68:9c:d2:ef:bc:9d:19:94:62:5b:bb:cf:
22:8b:55:bb:11:0f:21:74:10:32:84:3f:38:03:89:
2a:94:fb:3e:66:bd:1b:14:34:9d:d1:35:72:73:2b:
2a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:A9:2E:74:AB:A7:31:42:81:B6:18:D3:6D:FC:47:E8:3B:CB:4D:EA
X509v3 Authority Key Identifier:
keyid:B9:E6:C4:1A:2B:04:FC:D8:F8:E9:57:18:FA:7D:2E:12:CC:44:AC:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uebEGisE_Nj46VcY-n0uEsxErB8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/QqkudKunMUKBthjTbfxH6DvLTeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c261bf-6c6b-4b07-b5aa-c08c0446d613/1/uebEGisE_Nj46VcY-n0uEsxErB8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a12:de43::/32
Signature Algorithm: sha256WithRSAEncryption
09:88:76:26:ae:33:f2:f4:a3:00:09:e9:35:3d:d0:7e:a6:c3:
da:ec:f0:c3:17:6c:a7:d9:59:b1:26:52:32:78:8f:e8:01:31:
07:eb:d3:46:b8:75:3a:1b:cf:7a:cb:5b:fd:06:ae:4e:ae:0c:
d7:3a:0d:33:4e:49:26:6e:7d:1b:06:8b:f8:77:e5:c0:4e:e7:
43:62:b0:8a:9d:8b:35:67:fa:63:85:6d:a5:0b:67:62:2f:7e:
1d:42:24:13:f4:dd:4b:b8:7d:7f:70:9e:85:dd:49:2c:ab:91:
34:5a:6a:7a:b9:9f:55:23:0e:2a:49:31:7d:d3:b3:ed:d0:ef:
56:f2:4d:3d:4c:b8:b4:0e:26:3f:c6:64:82:88:ff:c9:8f:70:
32:3e:a0:9a:9c:87:93:8f:53:f2:af:33:46:6d:cf:11:46:51:
e6:12:6d:5d:e6:ec:d2:52:5f:b8:4e:e6:1b:29:7f:a7:a0:4f:
06:af:30:2f:0a:f8:e3:80:9f:8d:03:d1:2d:46:19:8c:9e:06:
16:55:c6:fe:ec:92:dc:52:74:99:57:87:7e:33:a9:41:34:aa:
3b:9a:5e:56:2e:37:9f:3b:52:9b:60:9e:3f:41:39:a4:51:92:
4b:79:8e:4c:12:d9:a6:7c:a7:5e:2b:a2:f8:68:2b:ca:92:b0:
70:ce:0e:7b
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzJTmOxp2Yde71mcHeMOL+DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5ZTZjNDFhMmIwNGZjZDhmOGU5NTcxOGZhN2QyZTEyY2M0
NGFjMWYwHhcNMjQwMTAyMDgzMzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmE5MmU3NGFiYTczMTQyODFiNjE4ZDM2ZGZjNDdlODNiY2I0ZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkO+6UWpnZjo7OjWxZ/2FDtH3nsCM
/iCLNlK31WM9Yax05Qf1/44IW9ZZw3KvFLOzaSO5uYSbRzTOpClw2HX+siWra4um
iNaWH7Ei8vcxNn8lr6QtF362ZXKjvZM0Sn4LG/un+mq2nQffU5zNtK0GDniNEJB0
76nEQJcQgDmBhDzfdw0sTot6+dxpX8pgibDj7QC/fFy548tfabs/7bgyzALw2qAi
78OKGGhzb+u/H+MadKdLHrhaaV5pcrJIBft5ohQ/F+LksL7ivJ9axflZvjh41bho
nNLvvJ0ZlGJbu88ii1W7EQ8hdBAyhD84A4kqlPs+Zr0bFDSd0TVycysq2QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEKpLnSrpzFCgbYY0238R+g7y03qMB8GA1UdIwQY
MBaAFLnmxBorBPzY+OlXGPp9LhLMRKwfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWViRUdpc0VfTmo0NlZjWS1uMHVFc3hFckI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMjYxYmYtNmM2Yi00YjA3LWI1YWEt
YzA4YzA0NDZkNjEzLzEvUXFrdWRLdW5NVUtCdGhqVGJmeEg2RHZMVGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMjYxYmYtNmM2Yi00YjA3LWI1YWEtYzA4YzA0NDZkNjEz
LzEvdWViRUdpc0VfTmo0NlZjWS1uMHVFc3hFckI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKhLeQzAN
BgkqhkiG9w0BAQsFAAOCAQEACYh2Jq4z8vSjAAnpNT3QfqbD2uzwwxdsp9lZsSZS
MniP6AExB+vTRrh1OhvPestb/QauTq4M1zoNM05JJm59GwaL+HflwE7nQ2Kwip2L
NWf6Y4VtpQtnYi9+HUIkE/TdS7h9f3Cehd1JLKuRNFpqermfVSMOKkkxfdOz7dDv
VvJNPUy4tA4mP8Zkgoj/yY9wMj6gmpyHk49T8q8zRm3PEUZR5hJtXebs0lJfuE7m
Gyl/p6BPBq8wLwr444CfjQPRLUYZjJ4GFlXG/uyS3FJ0mVeHfjOpQTSqO5peVi43
nztSm2CeP0E5pFGSS3mOTBLZpnynXiui+GgrypKwcM4Oew==
-----END CERTIFICATE-----
Generated at Thu Jun 6 18:00:39 2024 by rpki-client on console-fra.rpki-client.org